<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/**
 * Authentication Library
 * 
 * @package     Personal
 * @category    Library
 * @author      Gene Bryan Ronquillo
 * @link        http://generonquillo.com
 * @version     2.0
 */

class Auth {
    
	protected $ci = '';
	
	public $user = '';
	
    public function __construct()
    {
        $this->ci =& get_instance();
        
        $this->ci->load->model('auth_model');
		
		$this->user = $this->ci->auth_model->get_user();
    }
    
    // ------------------------------------------------------------------------
    
    public function login($fields)
    {
        $user = $this->ci->auth_model->login($fields);
        
        if ($user === FALSE) return FALSE;
        
        // update activity
        $this->ci->auth_model->update_last_activity($user['user_id']);
        
        // create cookie
        $this->create_cookie($user);
        return TRUE;
    }
    
    // ------------------------------------------------------------------------
    
    public function create_cookie($user = '')
    {
        $user = $user ? $user : $this->user;
        
		$this->ci->load->model('website_model');
		$sites = $this->ci->website_model->get_user_websites($user['user_id']);
		
		$data = array(
            'user_id'       => $user['user_id'],
            'key'           => $this->ci->auth_model->_hash_string($user['password'], $user['salt']),
            'logged_in'     => TRUE,
			'role_access'	=> $this->ci->auth_model->get_role_permissions($user['role_id']),
			'websites'		=> $sites['sites']
        );
        
        $this->ci->session->set_userdata($data);
        
        return TRUE;
    }
    
    // ------------------------------------------------------------------------
    
    public function is_logged_in($user_type = '')
    {
        $user = $this->user;
        
        if ($user)
        {
            $key = $this->ci->auth_model->_hash_string($user['password'], $user['salt']);
            
            // check for validity
            if (($this->ci->session->userdata('logged_in') === TRUE) && ($this->ci->session->userdata('key') == $key))
            {
                $this->ci->auth_model->update_last_activity($user['user_id']);
                
                // return user or TRUE?
                return $user;
            }
        }
        
        // no user found
        $this->logout();
		redirect('login');
        // return FALSE;
    }
    
    // ------------------------------------------------------------------------
	
	public function has_permission($uri = '')
	{
		$url = $uri[1] == 'index' ? $uri[0] : implode('/', $uri);
		
		// super admin
		if ($this->user['role_id'] == '1') return TRUE;
		
		$perm 	= $this->ci->auth_model->get_permission($url, 'permission_url');
		$parent = $uri[1] == 'index' ? FALSE : $this->ci->auth_model->get_permission($uri[0], 'permission_url');
		
		// get permission of logged in user and 
		$role = $this->ci->session->userdata('role_access');
		#$role = $this->ci->auth_model->get_role_permissions($this->user['role_id']);
		
		// user role has assigned permissions
		if ($role['perm_ids'])
		{
			$data = explode(',', $role['perm_ids']);
			
			// parent and child permission found
			if ((in_array($parent['permission_id'], $data)) && (in_array($perm['permission_id'], $data))) return TRUE;
			
			// allow access if parent module is defined
			if ($parent && $perm === FALSE) return TRUE;
			
			if ($parent === FALSE) return TRUE;
		}
		
		// user not authorized 403
		show_404();
	}
	
	// ------------------------------------------------------------------------
	
	public function log_action($code = '', $action = '')
	{
		switch ($code)
		{
			case 'c':	$operation = 'CREATE';
						break;
			case 'u':	$operation = 'UPDATE';
						break;
			case 'd':	$operation = 'DELETE';
						break;
			default:	return FALSE;
						break;
		}
		
		$data = array(
			'operation'		=> $operation,
			'user_id'		=> $this->user['user_id'],
			'ip_address'	=> $this->ci->input->ip_address(),
			'action'		=> $action
		);
		
		$this->ci->load->model('user_model');
		$this->ci->user_model->log_action($data);
		return TRUE;
	}
	
	// ------------------------------------------------------------------------
    
    public function logout()
    {
        $this->ci->session->sess_destroy();
        return TRUE;
    }
    
    // ------------------------------------------------------------------------
	
	public function show_menu()
	{
		$this->ci->load->model('menu_model');
		
		$data['menumenu'] = $this->ci->menu_model->list_menu_role($this->user['role_id']);
		
		echo $this->ci->load->view('menu', $data, TRUE);
	}
	
	// ------------------------------------------------------------------------
    
}

/* End of file auth.php */
/* Location: ./application/libraries/auth.php */